Network Perimeter Security —— Building Defense In-Depth

----- 网络周边安全：建立深度防御

ISBN: 9780367394899 出版年：2003 页码：422 Riggs, Cliff Auerbach Publications

PREFACE Who is this Book For? The Path to Network Security Who Should Read This Book? MANAGING NETWORK SECURITY The Big Picture: Security Policies from A to Z Administrative Countermeasures Physical Countermeasures Technological Countermeasures Creating the Security Standards Document Creating the Configuration Guide Document Pulling it All Together: Sample Security Policy Creation Proteris Security Standards and Procedures THE NETWORK STACK AND SECURITY Connecting the Network Protocols Servers and Hosts CRYPTOGRAPHY AND VPN TERMINOLOGY Keys Certificates Hashing Digital Signatures Common Encryption Algorithms Split Tunneling APPLICATION SECURITY NEEDS The Network Time Protocol Domain Name System Servers ACCESS CONTROL Passwords Biometrics RADIUS/TACACS+ THE PUBLIC KEY INFRASTRUCTURE PKI Protocols PKI Implementation FIREWALLS Types of Firewalls Decisions, Decisions Router Security Considerations The Router as the Firewall Improving Your Security Beyond Basic Packet Filtering Application Layer Filtering Specific Protocol Considerations Additional Router Firewall Features Writing and Applying Filters Maintaining Firewalls NAT, Firewalls, VPNs and the DMZ INTRUSION DETECTION SYSTEMS Signature Based IDS Statistical Based IDS Host Based versus Network Based IDS Tuning the IDS IDS Placement Reactive IDS Integrating the Firewall and IDS Other IDS Systems VIRTUAL PRIVATE NETWORKS VPN Limitations VPN Solutions IP-Based Virtual Private Networks Internet Protocol Security Key Exchanges Internet Key Exchange Integrating Network Address Translation and IPSec Integrating the VPN and Firewall Quality of Service and the VPN WIRELESS NETWORK SECURITY NETWORK PENETRATION TESTING Outsourcing Network Penetration Testing Putting it all Together INCIDENT RESPONSE Prevention Detection Evaluation Containment Investigation Eradication Post-Mortem DISASTER RECOVERY AND CONTINUITY PLANNING Types of Disaster Recovery Plans ACCEPTABLE USE POLICIES THE FINAL WORD